aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6
diff options
context:
space:
mode:
authorPavel Emelyanov <xemul@openvz.org>2008-05-19 16:53:02 -0400
committerDavid S. Miller <davem@davemloft.net>2008-05-19 16:53:02 -0400
commit7d291ebb834278e30c211b26fb7076adcb636ad9 (patch)
treea6f7c95feff3a4f40603bf79b5cce85dc1c96e9f /net/ipv6
parent0002c630c4ee7a3c6b1d87e34bfd6ce9694b49be (diff)
inet: Register fragmentation some ctls at read-only root.
Parts of fragments-related sysctls are read-only, but this is done by cloning all the tables and dropping write-bits from mode. Do the same but with read-only root. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
-rw-r--r--net/ipv6/reassembly.c35
1 files changed, 34 insertions, 1 deletions
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index 130d6f6b6a6e..9391a6949b96 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -658,6 +658,10 @@ static struct ctl_table ip6_frags_ns_ctl_table[] = {
658 .proc_handler = &proc_dointvec_jiffies, 658 .proc_handler = &proc_dointvec_jiffies,
659 .strategy = &sysctl_jiffies, 659 .strategy = &sysctl_jiffies,
660 }, 660 },
661 { }
662};
663
664static struct ctl_table ip6_frags_ctl_table[] = {
661 { 665 {
662 .ctl_name = NET_IPV6_IP6FRAG_SECRET_INTERVAL, 666 .ctl_name = NET_IPV6_IP6FRAG_SECRET_INTERVAL,
663 .procname = "ip6frag_secret_interval", 667 .procname = "ip6frag_secret_interval",
@@ -684,7 +688,6 @@ static int ip6_frags_ns_sysctl_register(struct net *net)
684 table[0].data = &net->ipv6.frags.high_thresh; 688 table[0].data = &net->ipv6.frags.high_thresh;
685 table[1].data = &net->ipv6.frags.low_thresh; 689 table[1].data = &net->ipv6.frags.low_thresh;
686 table[2].data = &net->ipv6.frags.timeout; 690 table[2].data = &net->ipv6.frags.timeout;
687 table[3].mode &= ~0222;
688 } 691 }
689 692
690 hdr = register_net_sysctl_table(net, net_ipv6_ctl_path, table); 693 hdr = register_net_sysctl_table(net, net_ipv6_ctl_path, table);
@@ -709,6 +712,20 @@ static void ip6_frags_ns_sysctl_unregister(struct net *net)
709 unregister_net_sysctl_table(net->ipv6.sysctl.frags_hdr); 712 unregister_net_sysctl_table(net->ipv6.sysctl.frags_hdr);
710 kfree(table); 713 kfree(table);
711} 714}
715
716static struct ctl_table_header *ip6_ctl_header;
717
718static int ip6_frags_sysctl_register(void)
719{
720 ip6_ctl_header = register_net_sysctl_rotable(net_ipv6_ctl_path,
721 ip6_frags_ctl_table);
722 return ip6_ctl_header == NULL ? -ENOMEM : 0;
723}
724
725static void ip6_frags_sysctl_unregister(void)
726{
727 unregister_net_sysctl_table(ip6_ctl_header);
728}
712#else 729#else
713static inline int ip6_frags_ns_sysctl_register(struct net *net) 730static inline int ip6_frags_ns_sysctl_register(struct net *net)
714{ 731{
@@ -718,6 +735,15 @@ static inline int ip6_frags_ns_sysctl_register(struct net *net)
718static inline void ip6_frags_ns_sysctl_unregister(struct net *net) 735static inline void ip6_frags_ns_sysctl_unregister(struct net *net)
719{ 736{
720} 737}
738
739static inline int ip6_frags_sysctl_register(void)
740{
741 return 0;
742}
743
744static inline void ip6_frags_sysctl_unregister(void)
745{
746}
721#endif 747#endif
722 748
723static int ipv6_frags_init_net(struct net *net) 749static int ipv6_frags_init_net(struct net *net)
@@ -750,6 +776,10 @@ int __init ipv6_frag_init(void)
750 if (ret) 776 if (ret)
751 goto out; 777 goto out;
752 778
779 ret = ip6_frags_sysctl_register();
780 if (ret)
781 goto err_sysctl;
782
753 ret = register_pernet_subsys(&ip6_frags_ops); 783 ret = register_pernet_subsys(&ip6_frags_ops);
754 if (ret) 784 if (ret)
755 goto err_pernet; 785 goto err_pernet;
@@ -767,6 +797,8 @@ out:
767 return ret; 797 return ret;
768 798
769err_pernet: 799err_pernet:
800 ip6_frags_sysctl_unregister();
801err_sysctl:
770 inet6_del_protocol(&frag_protocol, IPPROTO_FRAGMENT); 802 inet6_del_protocol(&frag_protocol, IPPROTO_FRAGMENT);
771 goto out; 803 goto out;
772} 804}
@@ -774,6 +806,7 @@ err_pernet:
774void ipv6_frag_exit(void) 806void ipv6_frag_exit(void)
775{ 807{
776 inet_frags_fini(&ip6_frags); 808 inet_frags_fini(&ip6_frags);
809 ip6_frags_sysctl_unregister();
777 unregister_pernet_subsys(&ip6_frags_ops); 810 unregister_pernet_subsys(&ip6_frags_ops);
778 inet6_del_protocol(&frag_protocol, IPPROTO_FRAGMENT); 811 inet6_del_protocol(&frag_protocol, IPPROTO_FRAGMENT);
779} 812}